Anthem's Hacked Data Was Unencrypted

Millions of names, birthdays, and Social Security numbers were nabbed from the database.

A huge leak just went from bad to worse for health insurer Anthem. Earlier this week we heard that data for 80 million customers had been hacked. Today, the company revealed that they hadn't encrypted customer information. Millions of stolen records from customers and employees included names, dates of birth, social security numbers, and home addresses all in plain text.

Anthem says that customer information is encrypted whenever transmitted out, but while the information sits in the database, it's unencrypted. Storing it in plain text reportedly made it easier to share information between doctors and medical professionals.

Advertisement - Continue Reading Below

The company says it uses elevated user credentials to control access, but the attack took advantage of stolen employee credentials.